Example #1
<?php

include '../include.php';
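// Office list controller: handles the drag-and-drop reorder post, the add/edit
// form post and the delete link, then starts page output.
// NOTE(review): no session or role check is visible in this snippet; confirm
// include.php restricts who may reorder, edit or delete offices.
if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: the position in the posted list becomes the new
        // precedence. Each posted id is cast to int so that only a number can
        // reach the SQL text; no other validation of it is visible here.
        $counter = 1;
        foreach ($_POST['order'] as $id) {
            db_query('UPDATE intranet_offices SET precedence = ' . $counter . ' WHERE id = ' . (int) $id);
            $counter++;
        }
        exit;
    } else {
        // Insert or update from the posted form fields (handled by db_enter).
        db_enter('intranet_offices', 'name address precedence');
        url_query_drop('id');
    }
} elseif (url_id() && url_action('delete')) {
    // The id comes straight from the query string; whether url_id() validates
    // it cannot be seen from here, so it is cast to int before concatenation.
    // NOTE(review): this delete is triggered by a GET request and no anti-CSRF
    // token is visible; confirm url_action() or include.php checks one.
    db_query('DELETE FROM intranet_offices WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}
drawTop();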
if (url_id()) {
    if (!($l = db_grab('SELECT id, name, address, precedence FROM intranet_offices WHERE id = ' . $_GET['id']))) {
        url_query_drop('id');
    }
    $form = new intranet_form();
    $form->addRow('hidden', '', 'precedence', $l['precedence']);
    $form->addRow('itext', 'Name', 'name', $l['name'], '', true, 255);
    $form->addRow('textarea-plain', 'Address', 'address', $l['address'], '');
    $form->addRow('submit', 'Save Changes');
    $form->draw('Edit Location');
} else {
Example #2
<?php

include "../include.php";
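// Spotlight controller: handles the reorder post, the add/edit post (with an
// optional JPEG upload) and the delete link, then starts page output.
// NOTE(review): no session or role check is visible in this snippet; confirm
// include.php restricts who may change spotlight entries.
if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: the position in the posted list becomes the new
        // precedence. Each posted id is cast to int so that only a number can
        // reach the SQL text.
        $counter = 1;
        foreach ($_POST['order'] as $link_id) {
            db_query('UPDATE spotlight SET precedence = ' . $counter . ' WHERE id = ' . (int) $link_id);
            $counter++;
        }
        // Respond with the redrawn spotlight markup and stop.
        die(drawSpotlight());
    } else {
        $id = db_enter('spotlight', 'title url precedence');
        // NOTE(review): the only upload gate visible here is the extension of
        // the client-supplied file name, which the client controls. The file
        // is passed through format_image()/format_image_resize() before being
        // written; confirm those helpers decode it and fail on anything that
        // is not a JPEG, and that the uploads directory cannot execute scripts.
        if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') {
            define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']);
            define('DIRECTORY_WRITE', '/uploads');
            $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg');
            $image = format_image_resize($image, 320, 320);
            // The target name is built from the id returned by db_enter and a
            // fixed extension, not from the uploaded file name.
            file_put('/uploads/spotlight/' . $id . '.jpg', $image);
        }
        url_change();
    }
} elseif (!empty($_GET['id']) && url_action('delete')) {
    // The id comes straight from the query string and is cast to int before
    // it is concatenated into the statement.
    // NOTE(review): this delete is triggered by a GET request and no anti-CSRF
    // token is visible; confirm url_action() or include.php checks one.
    db_query('DELETE FROM spotlight WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}
drawTop();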
?>
<table cellspacing="1" class="left draggable spotlight">
	<thead>
		<?php 
Example #3
<?php

include '../include.php';
// Handles a new bulletin-board topic post: stores the topic, stamps its thread
// date, optionally e-mails it to every active user, refreshes the syndication
// feed and redirects.
if ($posting) {
    error_debug("handling bb post");
    // presumably rewrites the isAdmin/temporary checkbox values into SQL-ready
    // literals (the comparison below expects the quoted string '1') - confirm
    format_post_bits("isAdmin,temporary");
    $id = db_enter("bulletin_board_topics", "title |description isAdmin temporary");
    // $id is the value returned by db_enter, not a request parameter.
    db_query("UPDATE bulletin_board_topics SET threadDate = GETDATE() WHERE id = " . $id);
    // NOTE(review): isAdmin is read from the posted form; no check that the
    // poster is allowed to send an organisation-wide mail is visible here.
    if ($_POST["isAdmin"] == "'1'") {
        // Admin/HR topic: mail it to all active users.
        // Re-read the stored topic together with its author's name.
        $r = db_grab("SELECT \n\t\t\t\tt.title,\n\t\t\t\tt.description,\n\t\t\t\tu.userID,\n\t\t\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\t\t\tu.lastname,\n\t\t\t\tt.createdOn\n\t\t\t\tFROM bulletin_board_topics t\n\t\t\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\t\t\tWHERE t.id = " . $id);
        // Build the HTML body.
        $message = drawEmailHeader();
        // NOTE(review): $server is interpolated into a link; confirm it comes
        // from configuration and not from the request's Host header.
        $message .= drawServerMessage("<b>Note</b>: This is an Administration/Human Resources topic from the <a href='http://" . $server . "/bulletin_board/'>Intranet Bulletin Board</a>.  For more information, please contact the <a href='mailto:hrpayroll@seedco.org'>Human Resources Department</a>.");
        $message .= '<table class="center">';
        $message .= drawHeaderRow("Email", 2);
        // NOTE(review): title and description are user-supplied content placed
        // into an HTML mail; confirm drawThreadTop() or the storage step
        // escapes or sanitises them.
        $message .= drawThreadTop($r["title"], $r["description"], $r["userID"], $r["firstname"] . " " . $r["lastname"], $r["createdOn"]);
        $message .= '</table>' . drawEmailFooter();
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
        $headers .= "From: " . $_josh["email_default"] . "\r\n";
        // One mail() call per active user, with the topic title as subject.
        $users = db_query("SELECT email FROM intranet_users WHERE isactive = 1");
        while ($u = db_fetch($users)) {
            mail($u["email"], $r["title"], $message, $headers);
        }
    }
    syndicateBulletinBoard();
    url_change();
}
Example #4
            //send invitation
            $name = str_replace("'", "", $_POST["nickname"] == "NULL" ? $_POST["firstname"] : $_POST["nickname"]);
            email_invite($id, $email_address, $name);
        }
        //update permissions
        db_checkboxes("permissions", "administrators", "userID", "moduleID", $id);
        db_checkboxes("skills", "users_to_skills", "user_id", "skill_id", $id);
        //check long distance code
        if ($locale == "/_seedco/" && $_POST["officeID"] == "1") {
            if (!db_grab("SELECT longdistancecode FROM intranet_users WHERE userID = " . $id)) {
                $code = db_grab("SELECT code FROM ldcodes WHERE code NOT IN ( SELECT longdistancecode FROM intranet_users WHERE isActive = 1 AND longdistancecode IS NOT NULL)");
                db_query("UPDATE intranet_users SET longDistanceCode = {$code} WHERE userID = " . $id);
            }
        }
    } else {
        $id = db_enter("intranet_users", "firstname nickname lastname email title #corporationID departmentID officeID phone bio homeAddress1 homeAddress2 homeCity homeStateID homeZIP homePhone homeCell homeEmail emerCont1Name emerCont1Relationship emerCont1Phone emerCont1Cell emerCont1Email emerCont2Name emerCont2Relationship emerCont2Phone emerCont2Cell emerCont2Email", "userID");
    }
    //upload new staff image
    if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') {
        define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']);
        define('DIRECTORY_WRITE', '/uploads');
        $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg');
        $image = format_image_resize($image, 320, 320);
        file_put('/uploads/staff/' . $id . '.jpg', $image);
    }
    url_change("view.php?id=" . $id);
}
drawTop();
if (isset($_GET["id"])) {
    $r = db_grab("SELECT \n\t\tu.firstname,\n\t\tu.nickname,\n\t\tu.lastname,\n\t\tu.title, \n\t\tu.email,  \n\t\tu.bio, \n\t\tu.phone, \n\t\tu.rankID,\n\t\tu.lastlogin,\n\t\tu.officeID, \n\t\tu.corporationID,\n\t\tu.departmentID,\n\t\tu.homeAddress1,\n\t\tu.homeAddress2,\n\t\tu.homeCity,\n\t\tu.homeStateID,\n\t\tu.homeZIP,\n\t\tu.homePhone,\n\t\tu.homeCell,\n\t\tu.homeEmail,\n\t\tu.emerCont1Name,\n\t\tu.emerCont1Relationship,\n\t\tu.emerCont1Phone,\n\t\tu.emerCont1Cell,\n\t\tu.emerCont1Email,\n\t\tu.emerCont2Name,\n\t\tu.emerCont2Relationship,\n\t\tu.emerCont2Phone,\n\t\tu.emerCont2Cell,\n\t\tu.emerCont2Email,\n\t\tu.createdOn,\n\t\tu.updatedOn,\n\t\tu.startDate,\n\t\tu.endDate\n\t\tFROM intranet_users u\n\t\tWHERE u.userID = " . $_GET["id"]);
    if ($_GET["id"] == $user["id"] && $user["update_days"] > 90) {
Example #5
<?php

include "../include.php";
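// Links controller: handles the reorder post, the add/edit post and the delete
// link, then starts page output.
// NOTE(review): no session or role check is visible in this snippet; confirm
// include.php restricts who may change the link list.
if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: the position in the posted list becomes the new
        // precedence. Each posted id is cast to int so that only a number can
        // reach the SQL text.
        $counter = 1;
        foreach ($_POST['order'] as $link_id) {
            db_query('UPDATE links SET precedence = ' . $counter . ' WHERE id = ' . (int) $link_id);
            $counter++;
        }
        // Respond with the redrawn links markup (used by the sidebar's ajax
        // refresh) and stop.
        die(drawLinks());
    } else {
        db_enter("links", "text url precedence");
        url_change();
    }
} elseif (!empty($_GET['id']) && url_action('delete')) {
    // The id comes straight from the query string and is cast to int before
    // it is concatenated into the statement.
    // NOTE(review): this delete is triggered by a GET request and no anti-CSRF
    // token is visible; confirm url_action() or include.php checks one.
    db_query('DELETE FROM links WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}
drawTop();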
?>
<table cellspacing="1" class="left draggable links">
	<thead>
		<?php 
echo drawHeaderRow(false, 4, "new", "#bottom");
?>
		<tr>
			<th class="reorder"></th>
			<th>Link</th>
			<th>Address</th>
Example #6
<?php

include "include.php";
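// Edit-event page: saves the posted form, then loads the event named by the
// id query parameter and draws the edit form for it.
// NOTE(review): no ownership or admin check is visible before db_enter writes
// the event; $isAdmin only controls whether the "Posted By" field is shown.
// Confirm include.php or db_enter enforces who may edit an event.
if ($posting) {
    $id = db_enter("calendar_events", "title description *startDate typeID");
    // The id is cast to int so the redirect target carries only a number.
    url_change("./event.php?id=" . (int) $_GET["id"]);
}
// The id comes straight from the query string; it is cast to int before it is
// concatenated into the statement so only a number can reach the SQL text.
$e = db_grab("SELECT \n\t\te.title, \n\t\te.description, \n\t\te.startDate, \n\t\te.typeID,\n\t\tISNULL(u.nickname, u.firstname) first,\n\t\tu.lastname last,\n\t\te.createdBy,\n\t\te.createdOn,\n\t\tMONTH(e.startDate) month, \n\t\tYEAR(e.startDate) year\n\tFROM calendar_events e\n\tJOIN intranet_users u ON e.createdBy = u.userID\n\tWHERE e.id = " . (int) $_GET["id"]);
// NOTE(review): $e is used below without checking that a row was found.
drawTop();
echo drawNavigationCal($e["month"], $e["year"], true);
$form = new intranet_form();
if ($isAdmin) {
    $form->addUser("createdBy", "Posted By", $user["id"], $e["createdBy"], true);
}
$form->addRow("itext", "Title", "title", $e["title"], "", true);
$form->addRow("select", "Type", "typeID", "SELECT id, description FROM calendar_events_types ORDER BY description", $e["typeID"], true);
$form->addRow("datetime", "Date", "startDate", $e["startDate"]);
$form->addRow("textarea", "Notes", "description", $e["description"], "", true);
$form->addRow("submit", "save changes");
$form->draw("Edit Event");
drawBottom();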
Example #7
<?php

include "../include.php";
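// Bulletin-board topic page: stores a posted follow-up, handles soft-deletion
// of the topic or of a single follow-up, then loads the topic for display.
// Every request-supplied id is cast to int before it is concatenated into SQL
// so that only a number can reach the statement text; no other validation of
// these parameters is visible in this file.
if ($posting) {
    $_POST["description"] = format_html($_POST["message"]);
    // Kept as a string because db_enter reads it back out of $_POST.
    $_POST["topicID"] = (string) (int) $_GET["id"];
    $editing = false;
    $id = db_enter("bulletin_board_followups", "topicID |description");
    // NOTE(review): the result of this lookup is discarded.
    db_grab("SELECT topicID FROM bulletin_board_followups WHERE id = " . $id);
    db_query("UPDATE bulletin_board_topics SET threadDate = GETDATE() WHERE id = " . (int) $_GET["id"]);
    syndicateBulletinBoard();
    url_change();
}
// Soft-delete the topic, or a single follow-up.
// NOTE(review): both branches run on a GET request and before $isPoster is
// computed below; no ownership/admin check and no anti-CSRF token is visible
// in this file. Confirm include.php enforces them.
if (isset($_GET["delete"])) {
    db_query("UPDATE bulletin_board_topics SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t  WHERE id = " . (int) $_GET["id"]);
    syndicateBulletinBoard();
    url_change("/bb/");
} elseif (isset($_GET["deleteFollowupID"])) {
    db_query("UPDATE bulletin_board_followups SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t  WHERE ID = " . (int) $_GET["deleteFollowupID"]);
    url_query_drop("deleteFollowupID");
}
// Load the topic together with its author's name.
$r = db_grab("SELECT \n\t\tt.title,\n\t\tt.description,\n\t\tt.createdOn,\n\t\tt.isAdmin,\n\t\tu.userID,\n\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\tu.lastname\n\t\tFROM bulletin_board_topics t\n\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\tWHERE t.id = " . (int) $_GET["id"]);
// Unknown topic: go back to the board index.
if (empty($r)) {
    url_change("/bb/");
}
drawTop();
echo drawSyndicateLink("bb");
// True when the current user created the topic.
$isPoster = $r["userID"] == $user["id"];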
Example #8
<?php

include 'include.php';
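// Add/edit skill page: saves the posted form, then draws the form, pre-filled
// with the stored values when an existing skill is being edited.
// NOTE(review): no role check is visible in this snippet; confirm include.php
// restricts who may add or edit skills.
if ($posting) {
    $id = db_enter('skills', 'title group');
    if ($editing) {
        url_change('skill.php?id=' . url_id());
    } else {
        url_change('skills.php');
    }
}
echo drawTop();
if ($editing) {
    // The id comes straight from the query string; it is cast to int before
    // it is concatenated into the statement so only a number can reach the
    // SQL text.
    $r = db_grab('SELECT title, `group` FROM skills WHERE id = ' . (int) $_GET['id']);
}
$form = new intranet_form();
// isset() replaces the @ operator: $r is undefined when adding a skill, and a
// failed lookup may leave it without these keys. Either way the field gets
// null, as before, without suppressing unrelated errors.
$form->addRow('itext', 'Title', 'title', isset($r['title']) ? $r['title'] : null, '', true, 50);
$form->addRow('itext', 'Group', 'group', isset($r['group']) ? $r['group'] : null, '', true, 50);
$form->addRow('submit', $editing ? 'Save Changes' : 'Add Skill');
echo $form->draw('<a href="./">Staff</a> &gt; <a href="skills.php">Skills</a> &gt; ' . ($editing ? 'Edit Skill' : 'Add Skill'));
echo drawBottom();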